CN110710159B - 用于网络配置和故障排除的方法、系统、设备和介质 - Google Patents

用于网络配置和故障排除的方法、系统、设备和介质 Download PDF

Info

Publication number
CN110710159B
CN110710159B CN201880035329.8A CN201880035329A CN110710159B CN 110710159 B CN110710159 B CN 110710159B CN 201880035329 A CN201880035329 A CN 201880035329A CN 110710159 B CN110710159 B CN 110710159B
Authority
CN
China
Prior art keywords
model
network
conflicting
rules
rule
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201880035329.8A
Other languages
English (en)
Chinese (zh)
Other versions
CN110710159A (zh
Inventor
卡蒂克·莫汉拉姆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Cisco Technology Inc
Original Assignee
Cisco Technology Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Cisco Technology Inc filed Critical Cisco Technology Inc
Publication of CN110710159A publication Critical patent/CN110710159A/zh
Application granted granted Critical
Publication of CN110710159B publication Critical patent/CN110710159B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/142Network analysis or design using statistical or mathematical methods
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0866Checking the configuration
    • H04L41/0873Checking configuration conflicts between network elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0893Assignment of logical groups to network elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0894Policy-based network configuration management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/145Network analysis or design involving simulating, designing, planning or modelling of a network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/16Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using machine learning or artificial intelligence
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/40Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using virtualisation of network functions or resources, e.g. SDN or NFV entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • H04L63/0263Rule management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/06Management of faults, events, alarms or notifications
    • H04L41/0631Management of faults, events, alarms or notifications using root cause analysis; using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0895Configuration of virtualised networks or elements, e.g. virtualised network function or OpenFlow elements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/10Active monitoring, e.g. heartbeat, ping or trace-route
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/20Arrangements for monitoring or testing data switching networks the monitoring system or the monitored elements being virtualised, abstracted or software-defined entities, e.g. SDN or NFV
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • H04L63/0227Filtering policies
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Algebra (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Probability & Statistics with Applications (AREA)
  • Pure & Applied Mathematics (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Databases & Information Systems (AREA)
  • Evolutionary Computation (AREA)
  • Medical Informatics (AREA)
  • Software Systems (AREA)
  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
CN201880035329.8A 2017-05-31 2018-05-24 用于网络配置和故障排除的方法、系统、设备和介质 Active CN110710159B (zh)

Applications Claiming Priority (5)

Application Number Priority Date Filing Date Title
US201762513218P 2017-05-31 2017-05-31
US62/513,218 2017-05-31
US15/693,174 US10581694B2 (en) 2017-05-31 2017-08-31 Generation of counter examples for network intent formal equivalence failures
US15/693,174 2017-08-31
PCT/US2018/034302 WO2018222483A1 (fr) 2017-05-31 2018-05-24 Génération de contre-exemples de défaillances d'équivalence formelle d'intentions de réseau

Publications (2)

Publication Number Publication Date
CN110710159A CN110710159A (zh) 2020-01-17
CN110710159B true CN110710159B (zh) 2022-08-19

Family

ID=62713078

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201880035329.8A Active CN110710159B (zh) 2017-05-31 2018-05-24 用于网络配置和故障排除的方法、系统、设备和介质

Country Status (4)

Country Link
US (2) US10581694B2 (fr)
EP (1) EP3632043A1 (fr)
CN (1) CN110710159B (fr)
WO (1) WO2018222483A1 (fr)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10547715B2 (en) * 2017-06-16 2020-01-28 Cisco Technology, Inc. Event generation in response to network intent formal equivalence failures
US10756983B2 (en) 2017-12-08 2020-08-25 Apstra, Inc. Intent-based analytics
US11245730B2 (en) * 2019-11-08 2022-02-08 Open Text Holdings, Inc. Systems and methods of information security monitoring with third-party indicators of compromise
CN111310113B (zh) * 2020-02-13 2021-01-15 北京工业大数据创新中心有限公司 基于时序数据的专家规则系统的反例生成方法及装置
US11467937B2 (en) * 2020-06-26 2022-10-11 Advanced Micro Devices, Inc. Configuring cache policies for a cache based on combined cache policy testing
US11283691B1 (en) * 2020-10-21 2022-03-22 Juniper Networks, Inc. Model driven intent policy conflict detection and resolution through graph analysis
US20220197728A1 (en) * 2020-12-22 2022-06-23 Nokia Solutions And Networks Oy Intent-based networking using partitioning for scalability
US11799725B2 (en) * 2020-12-22 2023-10-24 Nokia Solutions And Networks Oy Intent-based networking using reconstruction of intents
US20220239591A1 (en) * 2021-01-27 2022-07-28 Cisco Technology, Inc. Coordination of sdn underlay and overlay for deterministic traffic
WO2023287331A1 (fr) * 2021-07-15 2023-01-19 Telefonaktiebolaget Lm Ericsson (Publ) Réalisation d'une compression de données de liaison montante à l'aide de modèles d'environnement estimés
US12095735B2 (en) * 2021-11-24 2024-09-17 Level 3 Communications, Llc System and method for utilization of firewall policies for network security
CN116266267A (zh) * 2021-12-17 2023-06-20 华为技术有限公司 一种意图合法性检查方法及装置
US11743142B1 (en) 2021-12-20 2023-08-29 Illumio, Inc. Segmentation using infrastructure policy feedback
WO2023174516A1 (fr) * 2022-03-15 2023-09-21 Telefonaktiebolaget Lm Ericsson (Publ) Gestion de service basée sur l'intention
CN114640599B (zh) * 2022-03-21 2024-08-20 亚信科技(中国)有限公司 意图的冲突处理方法、装置、存储介质及计算机程序产品
US11882002B2 (en) * 2022-06-22 2024-01-23 Schweitzer Engineering Laboratories, Inc. Offline test mode SDN validation
US12425371B2 (en) * 2022-09-16 2025-09-23 Cisco Technology, Inc. System and method for providing SCHC-based edge firewalling

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101753369A (zh) * 2008-12-03 2010-06-23 北京天融信网络安全技术有限公司 一种检测防火墙规则冲突的方法及装置
CN102760076A (zh) * 2012-06-05 2012-10-31 华为技术有限公司 一种系统的策略冲突处理方法及策略冲突处理系统
CN104079428A (zh) * 2014-04-01 2014-10-01 烽火通信科技股份有限公司 管理配置信息冲突的系统及方法
CN105897493A (zh) * 2016-06-28 2016-08-24 电子科技大学 一种sdn规则冲突的检测方法
CN106656591A (zh) * 2016-12-15 2017-05-10 西安电子科技大学 一种软件定义网络中多应用间的规则冲突检测与消除方法

Family Cites Families (159)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5204829A (en) 1992-07-10 1993-04-20 Lsi Logic Corporation Interleaving operations in a floating-point numeric processor
US6763380B1 (en) 2000-01-07 2004-07-13 Netiq Corporation Methods, systems and computer program products for tracking network device performance
US20040168100A1 (en) 2000-12-04 2004-08-26 Thottan Marina K. Fault detection and prediction for management of computer networks
AU2002234258A1 (en) 2001-01-22 2002-07-30 Sun Microsystems, Inc. Peer-to-peer network computing platform
ITTO20010180A1 (it) 2001-03-01 2002-09-01 Cselt Centro Studi Lab Telecom Procedimento e sistema per il controllo della configurazione dei nodidi una rete per telecomunicazione.
US7003562B2 (en) 2001-03-27 2006-02-21 Redseal Systems, Inc. Method and apparatus for network wide policy-based analysis of configurations of devices
DE10143101A1 (de) 2001-09-03 2003-04-03 Infineon Technologies Ag Verfahren zur Validierung von Simulationsergebnissen eines Systems sowie darauf aufbauender Äquivalenzvergleich digitaler Schaltungen
US20030229693A1 (en) 2002-06-06 2003-12-11 International Business Machines Corporation Self-correcting monitor
US8073935B2 (en) 2002-07-25 2011-12-06 Oracle America, Inc. Pluggable semantic verification and validation of configuration data
ITTO20020742A1 (it) 2002-08-23 2004-02-24 Telecom Italia Lab Spa Procedimento e sistema per il controllo della
GB0224187D0 (en) 2002-10-17 2002-11-27 Mitel Knowledge Corp Interactive conflict resolution for personalised policy-based services
US7453886B1 (en) 2003-03-11 2008-11-18 Nortel Networks Limited Verification of communications paths between devices
US7089369B2 (en) 2003-03-31 2006-08-08 Sun Microsystems, Inc. Method for optimizing utilization of a double-data-rate-SDRAM memory system
EA015549B1 (ru) 2003-06-05 2011-08-30 Интертраст Текнолоджис Корпорейшн Переносимая система и способ для приложений одноранговой компоновки услуг
US9264922B2 (en) 2003-08-05 2016-02-16 Mobileum Inc. Method and system for ensuring service continuity in case of a proxy profile gateway failure or interruption
US20050108389A1 (en) 2003-11-13 2005-05-19 International Business Machines Corporation Network endpoint health check
US7360064B1 (en) 2003-12-10 2008-04-15 Cisco Technology, Inc. Thread interleaving in a multithreaded embedded processor
US7609647B2 (en) 2004-05-12 2009-10-27 Bce Inc. Method and apparatus for network configuration validation
US8010952B2 (en) 2004-06-08 2011-08-30 Cisco Technology, Inc. Method and apparatus for configuration syntax and semantic validation
US7505463B2 (en) 2004-06-15 2009-03-17 Sun Microsystems, Inc. Rule set conflict resolution
US7698561B2 (en) 2004-08-12 2010-04-13 Cisco Technology, Inc. Method and system for detection of aliases in a network
JP4192877B2 (ja) 2004-09-29 2008-12-10 ブラザー工業株式会社 設定データ伝送プログラム、設定データ伝送装置、および設定データ伝送システム
US8024568B2 (en) 2005-01-28 2011-09-20 Citrix Systems, Inc. Method and system for verification of an endpoint security scan
US7401305B2 (en) 2005-07-11 2008-07-15 International Business Machines Corporation Adaptive application of SAT solving techniques
US7619989B2 (en) 2005-08-26 2009-11-17 Alcatel Lucent Routing configuration validation apparatus and methods
US7765093B2 (en) 2005-09-19 2010-07-27 Itt Manufacturing Enterprises, Inc. Network modeling system and method of simulating network operation with configurable node models
US20070124437A1 (en) 2005-11-30 2007-05-31 Cisco Technology, Inc. Method and system for real-time collection of log data from distributed network components
JP2007241533A (ja) 2006-03-07 2007-09-20 Oki Electric Ind Co Ltd システム構成情報比較装置およびコンピュータプログラム
US8040895B2 (en) 2006-03-22 2011-10-18 Cisco Technology, Inc. Method and system for removing dead access control entries (ACEs)
US20080031147A1 (en) 2006-08-01 2008-02-07 Siemens Communications, Inc. Network status determination
US20080172716A1 (en) 2006-09-12 2008-07-17 Rajesh Talpade IP network vulnerability and policy compliance assessment by IP device analysis
US20080117827A1 (en) 2006-11-17 2008-05-22 Nec Corporation Method and system for verifying connectivity of logical link
US8719375B2 (en) 2007-03-22 2014-05-06 Microsoft Corporation Remote data access techniques for portable devices
US8484693B2 (en) 2007-04-27 2013-07-09 Gregory W. Cox Efficient policy conflict detection
US8782182B2 (en) 2007-05-24 2014-07-15 Foundry Networks, Llc Generating device-specific configurations
US8209738B2 (en) 2007-05-31 2012-06-26 The Board Of Trustees Of The University Of Illinois Analysis of distributed policy rule-sets for compliance with global policy
US8499331B1 (en) 2007-06-27 2013-07-30 Emc Corporation Policy based network compliance
US7992201B2 (en) 2007-07-26 2011-08-02 International Business Machines Corporation Dynamic network tunnel endpoint selection
US7743274B2 (en) 2007-09-12 2010-06-22 International Business Machines Corporation Administering correlated error logs in a computer system
US8494977B1 (en) 2007-09-28 2013-07-23 Emc Corporation IT policy violation views
JP4872945B2 (ja) 2008-02-25 2012-02-08 日本電気株式会社 運用管理装置、運用管理システム、情報処理方法、及び運用管理プログラム
US20090249284A1 (en) 2008-02-29 2009-10-01 Doyenz Incorporated Automation for virtualized it environments
US8082290B2 (en) 2008-03-19 2011-12-20 Verizon Patent And Licensing Inc. Intelligent establishment of peer-to-peer communication
US8270952B2 (en) 2009-01-28 2012-09-18 Headwater Partners I Llc Open development system for access service providers
US8554883B2 (en) 2008-08-06 2013-10-08 Cisco Technology, Inc. Apparatus and method for sharing a generic configuration across a group of network devices
US8441941B2 (en) 2008-10-06 2013-05-14 Cisco Technology, Inc. Automating identification and isolation of loop-free protocol network problems
US8103480B2 (en) 2008-10-31 2012-01-24 Hewlett-Packard Development Company, L.P. Evaluating service level agreement violations
US8627328B2 (en) 2008-11-14 2014-01-07 Oracle International Corporation Operation control for deploying and managing software service in a virtual environment
US9319300B2 (en) 2008-12-09 2016-04-19 Glue Networks, Inc. Systems and methods for determining endpoint configurations for endpoints of a virtual private network (VPN) and deploying the configurations to the endpoints
US20100198909A1 (en) 2009-02-03 2010-08-05 Fluke Corporation Method and apparatus for the continuous collection and correlation of application transactions across all tiers of an n-tier application
US8479267B2 (en) 2009-06-30 2013-07-02 Sophos Limited System and method for identifying unauthorized endpoints
JP2011087302A (ja) 2009-10-19 2011-04-28 Ip Infusion Inc Bgp経路監視装置、bgp経路監視方法、およびプログラム
US8416696B2 (en) 2010-01-04 2013-04-09 Cisco Technology, Inc. CFM for conflicting MAC address notification
US8689307B2 (en) 2010-03-19 2014-04-01 Damaka, Inc. System and method for providing a virtual peer-to-peer environment
US8375117B2 (en) 2010-04-28 2013-02-12 Juniper Networks, Inc. Using endpoint host checking to classify unmanaged devices in a network and to improve network location awareness
US8959139B2 (en) 2010-05-28 2015-02-17 Juniper Networks, Inc. Application-layer traffic optimization service endpoint type attribute
US8718070B2 (en) 2010-07-06 2014-05-06 Nicira, Inc. Distributed network virtualization apparatus and method
US20120054163A1 (en) 2010-08-27 2012-03-01 Motorola, Inc. Policy conflict classifier
US9389993B1 (en) 2010-09-03 2016-07-12 Cisco Technology, Inc. System and method for whitelist management
US8910143B2 (en) 2010-09-20 2014-12-09 General Electric Company Conversion system and method for use in upgrading a monitoring system
EP2437470A1 (fr) 2010-09-30 2012-04-04 British Telecommunications Public Limited Company Element de réseau et procédé pour dériver des données de qualité de service d'un système de noms hiérarchique et distribué
EP2668600A4 (fr) 2011-01-27 2014-08-06 Computenext Inc Organisation dynamique de ressources de cloud computing pour faciliter la découverte
US8589934B2 (en) 2011-04-01 2013-11-19 Arm Limited Controlling priority levels of pending threads awaiting processing
US8935389B2 (en) 2011-05-17 2015-01-13 Guavus, Inc. Method and system for collecting and managing network data
US8693344B1 (en) 2011-09-27 2014-04-08 Big Switch Network, Inc. Systems and methods for generating packet forwarding rules based on network policy
US8914843B2 (en) 2011-09-30 2014-12-16 Oracle International Corporation Conflict resolution when identical policies are attached to a single policy subject
US20130097660A1 (en) 2011-10-17 2013-04-18 Mcafee, Inc. System and method for whitelisting applications in a mobile network environment
US8930756B2 (en) 2011-12-22 2015-01-06 International Business Machines Corporation Grouping related errors in a distributed computing environment
US9106555B2 (en) 2012-01-25 2015-08-11 Cisco Technology, Inc. Troubleshooting routing topology based on a reference topology
US9405553B2 (en) 2012-01-30 2016-08-02 International Business Machines Corporation Processing element management in a streaming data system
WO2013118687A1 (fr) 2012-02-10 2013-08-15 日本電気株式会社 Système informatique et procédé de visualisation de réseau virtuel
US9444842B2 (en) 2012-05-22 2016-09-13 Sri International Security mediation for dynamically programmable network
US9571523B2 (en) 2012-05-22 2017-02-14 Sri International Security actuator for a dynamically programmable computer network
US9898317B2 (en) 2012-06-06 2018-02-20 Juniper Networks, Inc. Physical path determination for virtual network packet flows
US8874704B2 (en) 2012-07-11 2014-10-28 Bmc Software, Inc. Semi-automatic discovery and generation of useful service blueprints
US9571502B2 (en) 2012-09-14 2017-02-14 International Business Machines Corporation Priority resolution for access control list policies in a networking device
US9276877B1 (en) 2012-09-20 2016-03-01 Wiretap Ventures, LLC Data model for software defined networks
US9055000B1 (en) 2012-12-17 2015-06-09 Juniper Networks, Inc. Distributed network subnet
CN105103492B (zh) 2013-01-30 2019-06-28 慧与发展有限责任合伙企业 控制网络拓扑
US9860140B2 (en) 2013-02-05 2018-01-02 Cisco Technology, Inc. Dynamically adjusting a set of monitored network properties using distributed learning machine feedback
US8966637B2 (en) 2013-02-08 2015-02-24 PhishMe, Inc. Performance benchmarking for simulated phishing attacks
US9596141B2 (en) 2013-03-15 2017-03-14 Cisco Technology, Inc. Representing software defined networks using a programmable graph model
WO2014143119A1 (fr) * 2013-03-15 2014-09-18 Hewlett-Packard Development Company, L.P. Détection de boucle de données
US9775085B2 (en) * 2013-04-05 2017-09-26 Avago Technologies General Ip (Singapore) Pte. Ltd. Network discovery and selection using utility information and radio interworking
US10291515B2 (en) 2013-04-10 2019-05-14 Huawei Technologies Co., Ltd. System and method for a control plane reference model framework
US10021027B2 (en) 2013-04-30 2018-07-10 Comcast Cable Communications, Llc Network validation with dynamic tunneling
US9225601B2 (en) 2013-06-17 2015-12-29 The Board Of Trustees Of The University Of Illinois Network-wide verification of invariants
US20140379915A1 (en) 2013-06-19 2014-12-25 Cisco Technology, Inc. Cloud based dynamic access control list management architecture
US9246818B2 (en) 2013-06-24 2016-01-26 Cisco Technology, Inc. Congestion notification in leaf and spine networks
CN104348757B (zh) 2013-07-31 2018-03-16 华为技术有限公司 一种流表交互方法、交换机及系统
US9548965B2 (en) 2013-08-26 2017-01-17 Nicira, Inc. Proxy methods for suppressing broadcast traffic in a network
KR101455167B1 (ko) 2013-09-03 2014-10-27 한국전자통신연구원 화이트리스트 기반의 네트워크 스위치
US9553845B1 (en) 2013-09-30 2017-01-24 F5 Networks, Inc. Methods for validating and testing firewalls and devices thereof
US9876711B2 (en) 2013-11-05 2018-01-23 Cisco Technology, Inc. Source address translation in overlay networks
EP3605971B1 (fr) 2013-11-05 2021-10-13 Cisco Technology, Inc. Superposition de tissu unifié
US9590914B2 (en) 2013-11-05 2017-03-07 Cisco Technology, Inc. Randomized per-packet port channel load balancing
US9374294B1 (en) 2013-11-05 2016-06-21 Cisco Technology, Inc. On-demand learning in overlay networks
CN103701926B (zh) 2013-12-31 2017-06-16 小米科技有限责任公司 一种获取故障原因信息的方法、装置和系统
US9660886B1 (en) 2014-03-07 2017-05-23 Google Inc. Scalable network route analysis
US10476698B2 (en) 2014-03-20 2019-11-12 Avago Technologies International Sales Pte. Limited Redundent virtual link aggregation group
US9654361B2 (en) 2014-05-13 2017-05-16 Cisco Technology, Inc. Dynamic collection of network metrics for predictive analytics
US9935831B1 (en) 2014-06-03 2018-04-03 Big Switch Networks, Inc. Systems and methods for controlling network switches using a switch modeling interface at a controller
KR101886291B1 (ko) 2014-06-30 2018-09-06 후아웨이 테크놀러지 컴퍼니 리미티드 흐름 엔트리 구성 방법, 장치, 및 시스템
CN104104615B (zh) 2014-07-21 2017-07-07 华为技术有限公司 策略冲突解决方法以及装置
US9813312B2 (en) 2014-07-21 2017-11-07 Big Switch Networks, Inc. Systems and methods for performing debugging operations on networks using a controller
US10050842B2 (en) 2014-07-23 2018-08-14 Cisco Technology, Inc. Network control and management using semantic reasoners in a network environment
US9497215B2 (en) 2014-07-23 2016-11-15 Cisco Technology, Inc. Stealth mitigation for simulating the success of an attack
EP3175579B1 (fr) 2014-07-30 2019-02-27 Forward Networks, Inc. Systèmes et procédés de gestion de réseau
US20160164748A1 (en) 2014-12-04 2016-06-09 Belkin International, Inc. Identifying and resolving network device rule conflicts and recursive operations at a network device
US9497207B2 (en) 2014-08-15 2016-11-15 International Business Machines Corporation Securing of software defined network controllers
WO2016039730A1 (fr) 2014-09-09 2016-03-17 Hewlett Packard Enterprise Development Lp Autoconfiguration et gestion de ressources de stockage
CN105471830A (zh) 2014-09-10 2016-04-06 中国电信股份有限公司 用于消解安全策略冲突的方法、装置和系统
US9641249B2 (en) 2014-09-18 2017-05-02 Lenovo Enterprise Solutions (Singapore) Pte, Ltd. Support for converged fiber channel over ethernet (FCoE) traffic on software defined networks (SDNs)
US9378461B1 (en) * 2014-09-26 2016-06-28 Oracle International Corporation Rule based continuous drift and consistency management for complex systems
US9787572B2 (en) * 2014-10-07 2017-10-10 Cisco Technology, Inc. Conflict avoidant traffic routing in a network environment
US9781004B2 (en) 2014-10-16 2017-10-03 Cisco Technology, Inc. Discovering and grouping application endpoints in a network environment
US9686162B2 (en) * 2014-10-17 2017-06-20 International Business Machines Corporation Identifying configuration inconsistency in edge-based software defined networks (SDN)
EP3216177B1 (fr) 2014-11-06 2021-04-14 Hewlett Packard Enterprise Development LP Graphes de politiques de réseau
US9690644B2 (en) 2014-11-06 2017-06-27 International Business Machines Corporation Cognitive analysis for healing an IT system
US10116493B2 (en) 2014-11-21 2018-10-30 Cisco Technology, Inc. Recovering from virtual port channel peer failure
US9594640B1 (en) 2014-11-25 2017-03-14 VCE IP Holding Company LLC Backup/recovery system and method for a computing environment
US10425282B2 (en) 2014-11-28 2019-09-24 Hewlett Packard Enterprise Development Lp Verifying a network configuration
CN105721193B (zh) 2014-12-05 2020-04-28 方正国际软件(北京)有限公司 一种系统信息监控的方法和设备
WO2016093861A1 (fr) 2014-12-12 2016-06-16 Nokia Solutions And Networks Oy Corrélation d'alarme dans un environnement de virtualisation de fonction de réseau
US9680875B2 (en) 2015-01-20 2017-06-13 Cisco Technology, Inc. Security policy unification across different security products
CN105991332A (zh) 2015-01-27 2016-10-05 中兴通讯股份有限公司 告警处理方法及装置
US10411951B2 (en) 2015-02-10 2019-09-10 Hewlett Packard Enterprise Development Lp Network policy conflict detection and resolution
US10530697B2 (en) 2015-02-17 2020-01-07 Futurewei Technologies, Inc. Intent based network configuration
US10504025B2 (en) 2015-03-13 2019-12-10 Cisco Technology, Inc. Parallel processing of data by multiple semantic reasoning engines
US10700958B2 (en) 2015-04-01 2020-06-30 Neutrona Networks International Llc Network management system with traffic engineering for a software defined network
US10601642B2 (en) 2015-05-28 2020-03-24 Cisco Technology, Inc. Virtual network health checker
US9929949B2 (en) 2015-06-29 2018-03-27 Google Llc Systems and methods for inferring network topology and path metrics in wide area networks
US20170026292A1 (en) 2015-07-20 2017-01-26 Schweitzer Engineering Laboratories, Inc. Communication link failure detection in a software defined network
US10243778B2 (en) 2015-08-11 2019-03-26 Telefonaktiebolaget L M Ericsson (Publ) Method and system for debugging in a software-defined networking (SDN) system
US10057124B2 (en) * 2015-08-21 2018-08-21 Vmware, Inc. Resolving configuration errors through recommendations
CN106488487A (zh) 2015-08-27 2017-03-08 中兴通讯股份有限公司 故障检测方法及装置
US20180331965A1 (en) 2015-08-31 2018-11-15 Hewlett Packard Enterprise Development Lp Control channel usage monitoring in a software-defined network
US10148489B2 (en) 2015-09-01 2018-12-04 At&T Intellectual Property I, L.P. Service impact event analyzer for cloud SDN service assurance
US9929924B2 (en) 2015-09-25 2018-03-27 Telefonaktiebolaget Lm Ericsson (Publ) SDN controller logic-inference network troubleshooter (SDN-LINT) tool
US9882833B2 (en) 2015-09-28 2018-01-30 Centurylink Intellectual Property Llc Intent-based services orchestration
CA2998179A1 (fr) 2015-09-28 2017-04-06 Evenroute, Llc Optimisation automatique de qualite de service (qos) dans un equipement de reseau
US10291654B2 (en) 2015-09-30 2019-05-14 Symantec Corporation Automated construction of network whitelists using host-based security controls
CN106603264A (zh) 2015-10-20 2017-04-26 阿里巴巴集团控股有限公司 一种定位故障根源的方法和设备
US10643149B2 (en) 2015-10-22 2020-05-05 Oracle International Corporation Whitelist construction
US10419530B2 (en) 2015-11-02 2019-09-17 Telefonaktiebolaget Lm Ericsson (Publ) System and methods for intelligent service function placement and autoscale based on machine learning
US20170126727A1 (en) 2015-11-03 2017-05-04 Juniper Networks, Inc. Integrated security system having threat visualization
US10069646B2 (en) 2015-12-02 2018-09-04 Nicira, Inc. Distribution of tunnel endpoint mapping information
CN108476179A (zh) 2015-12-17 2018-08-31 慧与发展有限责任合伙企业 简化的正交网络策略集选择
US10979311B2 (en) 2016-01-05 2021-04-13 Schneider Electric USA, Inc. System and method for validating network configuration changes in a client environment
US10261858B2 (en) 2016-01-20 2019-04-16 Intel Corporation TCAM soft-error detection method and apparatus
CN105721297B (zh) 2016-01-28 2019-04-09 北京国电通网络技术有限公司 基于sdn网络中路由环路的检测方法及系统
CN106130766B (zh) 2016-09-23 2020-04-07 深圳灵动智网科技有限公司 一种基于sdn技术实现自动化网络故障分析的系统和方法
US10868737B2 (en) * 2016-10-26 2020-12-15 Arizona Board Of Regents On Behalf Of Arizona State University Security policy analysis framework for distributed software defined networking (SDN) based cloud environments
US20170187577A1 (en) 2017-03-14 2017-06-29 Nuviso Networks Inc System for configuring network devices
US10826788B2 (en) * 2017-04-20 2020-11-03 Cisco Technology, Inc. Assurance of quality-of-service configurations in a network
US10560328B2 (en) * 2017-04-20 2020-02-11 Cisco Technology, Inc. Static network policy analysis for networks
US10439875B2 (en) * 2017-05-31 2019-10-08 Cisco Technology, Inc. Identification of conflict rules in a network intent formal equivalence failure
US10652102B2 (en) * 2017-06-19 2020-05-12 Cisco Technology, Inc. Network node memory utilization analysis
US10554493B2 (en) * 2017-06-19 2020-02-04 Cisco Technology, Inc. Identifying mismatches between a logical model and node implementation

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101753369A (zh) * 2008-12-03 2010-06-23 北京天融信网络安全技术有限公司 一种检测防火墙规则冲突的方法及装置
CN102760076A (zh) * 2012-06-05 2012-10-31 华为技术有限公司 一种系统的策略冲突处理方法及策略冲突处理系统
CN104079428A (zh) * 2014-04-01 2014-10-01 烽火通信科技股份有限公司 管理配置信息冲突的系统及方法
CN105897493A (zh) * 2016-06-28 2016-08-24 电子科技大学 一种sdn规则冲突的检测方法
CN106656591A (zh) * 2016-12-15 2017-05-10 西安电子科技大学 一种软件定义网络中多应用间的规则冲突检测与消除方法

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Detection and prevention of firewall-rule conflicts on software-defined networking;Ferney A. Maldonado-Lopez;《2015 7th International Workshop on Reliable Networks Design and Modeling (RNDM)》;20151007;正文2-4页 *

Also Published As

Publication number Publication date
CN110710159A (zh) 2020-01-17
US20200204453A1 (en) 2020-06-25
US20180351818A1 (en) 2018-12-06
EP3632043A1 (fr) 2020-04-08
WO2018222483A1 (fr) 2018-12-06
US10581694B2 (en) 2020-03-03
US11303531B2 (en) 2022-04-12

Similar Documents

Publication Publication Date Title
CN110710159B (zh) 用于网络配置和故障排除的方法、系统、设备和介质
US10951477B2 (en) Identification of conflict rules in a network intent formal equivalence failure
US10623264B2 (en) Policy assurance for service chaining
CN110521170B (zh) 网络的静态网络策略分析
US10826788B2 (en) Assurance of quality-of-service configurations in a network
US11563833B2 (en) Event generation in response to network intent formal equivalence failures
US10693738B2 (en) Generating device-level logical models for a network
US20180367417A1 (en) Shim layer for extracting and prioritizing underlying rules for modeling network intents
CN110612702A (zh) 针对不一致的意图规范检查
CN110741603A (zh) 拓扑探测器
US20180351821A1 (en) Generating a network-wide logical model for network policy analysis
CN110800259B (zh) 跨以应用为中心的维度的分布式故障代码聚合
US10623271B2 (en) Intra-priority class ordering of rules corresponding to a model of network intents

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant